Actions

Google is defending its policy to allow third-party apps to access and share data from Gmail accounts, according to a letter made public Thursday.

Gmail, which has over 1.4 billion users globally, lets third-party developers integrate services into its email platform, such as trip planners and custom relationship management systems.

"Developers may share data with third parties so long as they are transparent with the users about how they are using the data," Susan Molinari, VP of public policy and government affairs for the Americas at Google, said in the letter to Senators, which was obtained by CNNMoney.

Google also makes "the privacy policy easily accessible to users to review before deciding whether to grant access," she said. Users can view or remove app access on their Google Account page -- or they can choose to not download the app.

Last year, Google stopped scanning Gmail account emails for advertising purposes. In the letter, Molinari also noted that no human employees read users' Gmail except in "very specific cases where they ask us to and give consent" or for security purposes, like abuse investigations.

The letter was sent in July to lawmakers including Senator John Thune, a South Dakota Republican who chairs the Senate Commerce Committee.

The company noted in the letter that it has a process in place for identifying apps that misrepresent themselves or aren't transparent about how personal data is used. Google says it is able to suspend these apps in the "majority of cases" before they're allowed to access data. However, it's unclear how many malicious apps have been removed.

In July, the Wall Street Journal reported
software developers scan hundreds of million of emails of Gmail users who have signed up for email-based services like travel itinerary tools.

In response to the report, Google released a blog post
about Gmail privacy and security. When asked for further comment on Thursday, a Google spokesperson referred CNNMoney to that blog post.

The company said in the blog post that non-Google apps must undergo a review process before they can access users' Gmail messages. For example, there is an automated and manual review of the developer, testing of the app and an assessment of its privacy policy and homepage to investigate whether it's legitimate. The blog post also encouraged users to review the permissions screen before allowing non-Google apps access to data.